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•• The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 03 July 2001 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Qt/ay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-55 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 7-55 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^3 The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)Q accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTIOIN 

1 . Claims 1-55 are presented for examination. 

Claim Objections 

2. Claim 53 is objected to because of the following informalities: Applicant is claiming 
claim 53 as it depends on it self (claim 53 is- dependent on claim 53). Appropriate correction is 
required. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1-3, 10-11, 13, 18-22, 28-29, 31, 36-39, 45-46, 48, and 53-55 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Bugnion et al. (Bugnion, US Patent Number 
6,075,938) in view of Derks (US Patent Number 6,810,033 B2). 

As per claim 1, and 20, Bugnion teaches apparatus or a method providing one or more computer 
services for a plurality of customers (Bugnion Col. 6 lines 6-35), the apparatus comprising a real 
computer on which is set up of each of said customers at least one virtual machine for each of 
said customers (Bugnion Col. 5 lines 1-13), 
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Bugnion does not explicitly teach set up request of each of said customers, and 

said at least one virtual machine for each of said customers having a specification 
specified by the respective customer, 

However, Derks discloses set up at the request of each of said customers at least one 
virtual machine for each of said customers (Derks Col. 5 lines 16-55, and col. 3 lines 7-12), said 
at least one virtual machine for each of said customers having a specification specified by the 
respective customer (Derks Col. 5 lines 16-55, and col. 3 lines 7-12), 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Derks with in the system of Bugnion because 
it would allow to identify the gateway with the internet address carried by the set up request 
message and transmit data over the connection in order to address one out of more terminals 
connected to the remote gateway and set up a virtual connection (Derks Col. 5 lines 16-55). 

As per claim 37, Bugnion teaches a method of operating a real computer on behalf of plural 

customers, the method comprising the step of: 

operating plural virtual machines on the real computer (Bugnion Col. 6 lines 6-35), 
Bugnion does not explicitly teach having a specification specified by a respective one of 

the customers in accordance with a computer service to be provided by the virtual machine on 

behalf of that customer, 

However Derks discloses each of said plural virtual machines having a specification 

specified by a respective one of the customers in accordance with a computer service to be 
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provided by the virtual machine on behalf of that customer (Derks Col. 5 lines 16-55, and col. 3 
lines 7-12), 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Derks with in the system of Bugnion because 
it would allow to identify the gateway with the internet address carried by the set up request 
message and transmit data over the connection in order to address one out of more terminals 
connected to the remote gateway and set up a virtual connection (Derks Col. 5 lines 16-55). 

As per claim 54, Bugnion teaches a method of providing for a plurality of customers one or more 
computer services selected from: file, data and archiving services; applications hosting services; 
database hosting services; data warehouse services; knowledge management hosting services; 
digital media production services; "intellectual property" and streaming media services; simple 
web hosting services; complex e-commerce web hosting services; high performance computation 
services; electronic messaging and conferencing services; and, learning neuro-computer services 
(Bugnion Abstract); the method comprising the steps of: 

setting up on a real computer of each of said customers at least one virtual machine for 
each of said customers (Derks Col. 5 lines 16-55, and col. 3 lines 7-12), 

Bugnion does not explicitly teach set up request of each of said customers, 

said at least one virtual machine for each of said customers having a specification 
determined in accordance with the computer service or services requested by said customer, 

However, Derks discloses setting up on a real computer at the request of each of said 
customers at least one virtual machine for each of said customers (Derks Col. 5 lines 16-55, and 
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col. 3 lines 7-12), said at least one virtual machine for each of said customers having a 
specification determined in accordance with the computer service or services requested by said 
customer (Derks Col. 5 lines 16-55, and col. 3 lines 7-12), 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Derks with in the system of Bugnion because 
it would allow to identify the gateway with the internet address carried by the set up request 
message and transmit data over the connection in order to address one out of more terminals 
connected to the remote gateway and set up a virtual connection (Derks Col. 5 lines 16-55). 

As per claims 2, 21, and 38, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches apparatus or method, wherein plural virtual machines are set up 
within the real computer for at least one of said customers (Bugnion Col. 6 lines 6-35, and col. 5 
lines 1-13). 

As per claims 3, 22, and 39, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches apparatus or a method, wherein the or each virtual machine for at 
least one of said customers is connected to a virtual network set up for said at least one customer 
within the real computer (Bugnion Col. 15 lines 54-col. 16 lines 12). 

As per claims 10, 28, and 45, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches apparatus or a method, comprising a plurality of real data storage 
devices and at least one virtual storage subsystem that is configured to allow said real data 
storage devices to emulate one or more virtual storage devices (Bugnion Col. 5 lines 1-28, and 
col. 7 lines 38-48). 
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As per claims 1 1, 29, and 46, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches apparatus or a method, wherein the at least one virtual storage 
subsystem is configured to emulate at least one respective virtual storage device for each 
customer (Bugnion Col. 5 lines 1-28, and col. 7 lines 38-48). 

As per claims 13, 31, and 48, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches apparatus or a method, wherein the apparatus is configurable to 
provide at least one of the services selected from: file, data and archiving services; applications 
hosting services; database hosting services; data warehouse services; knowledge management 
hosting services; digital media production services; "intellectual property" and streaming media 
services; simple web hosting services; complex e-commerce web hosting services; high 
performance computation services; electronic messaging and conferencing services; and, 
learning neuro- computer services (Bugnion Abstract). 

As per claim 18, Bugnion and Derks teach all the subject matter as described above. In addition 
Bugnion teaches apparatus, wherein the real computer comprises plural physical computers 
(Bugnion Col. 6 lines 6-35). 

As per claim 19, Bugnion and Derks teach all the subject matter as described above. In addition 
Bugnion teaches in combination, a first apparatus and a second apparatus that is substantially 
identical to said first apparatus, the first and second apparatus being connected by a 
communications channel so that the second apparatus can provide for redundancy of the first 
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apparatus thereby to provide for disaster recovery if the first apparatus fails (Bugnion Col. 5 lines 
40-47). 

As per claims 36, 53, and 55, Bugnion and Derks teach all the subject matter as described above. 
In addition Bugnion teaches a method, comprising the step of moving said at least one virtual 
machine from a first real computer to a second real computer (Bugnion Col. 4 lines 51-67). 

5. Claims 4-9, 12, 14-17, 23-27, 30, 32-35, 40-44, 47, and 49-52 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Bugnion et al. (Bugnion, US Patent Number 
6,075,938) in view of Derks (US Patent Number 6,810,033 B2), and in further view of Bowman- 
Amuah (Bowman, US Patent Number 6,697,824 Bl). 

As per claims 4, 23, and 40, Bugnion and Derks teach all the subject matter as described above. 

Bugnion and Derks do not explicitly teach apparatus or a method, comprising a virtual 
intrusion detection device for detecting an attack on the virtual network. 

However Bowman teaches a virtual intrusion detection device for detecting an attack on 
the virtual network (Bowman Col. 75 lines 63-col. 76 lines 37). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Bowman within the combination system of 
Bugnion and Derks because it would allow to audit services and identify vulnerabilities 
(Bowman Col. 75 lines 63-col. 76 lines 37). 
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As per claims 5, 24, and 41 , Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus or a method, wherein at least one virtual 
machine is connected to a virtual firewall (Bowman Fig. 36 Number 3604) that is connectable to 
an external network to which customers and/or other users can connect such that access to said at 
least one virtual machine by a customer or other user via a said external network can only take 
place through a virtual firewall (Bowman Fig. 36, and col. 75 lines 63-col. 76 lines 37). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Bowman within the combination system of 
Bugnion and Derks because it would allow to control access at entry points into both the network 
and the customer location, and restrict access to more sensitive servers on the internal network, 
web pages, files, and directories (Bowman Col. 76 lines 19-36). 

As per claims 6, 25, and 42, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus or a method, wherein the or each virtual 
machine for a particular customer is connected to a virtual firewall that is dedicated to that 
customers virtual machine or machines, each virtual firewall being connectable to an external 
network to which each of said customers and/or other users can connect such that access to a 
virtual machine by a customer or other user via a said external network can only take place 
through a virtual firewall provided for that virtual machine or machines (Bowman Fig. 36, and 
col. 75 lines 63-col. 76 lines 37). The rational for combining are the same as claim 5 above. 
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As per claims 7, 26, and 43, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bugnion teaches setup within the real computer (Bugnion Col. 5 
lines 1-13), and 

Bowman teaches apparatus or a method, wherein each virtual firewall is set up within the 
real computer (Bowman Col. 75 lines 63-col. 76 lines 5), the or each virtual machine for each 
customer being connected to a first port of the virtual firewall (Bowman Fig. 36 No. 3604) that is 
dedicated to that customer's virtual machine or machines, each virtual firewall having a second 
port connected to a virtual network (Bowman Fig. 36 No. 3604) that is set up within the real 
computer and that is connectable to an external network (Bowman Col. 75 lines 63-col. 76 lines 
37, and Fig. 36). The rational for combining are the same as claim 5 above. 

As per claims 8, 27, and 44, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus or a method, wherein the second port of 
each virtual firewall (Bowman Fig. 36 No. 3604) is connected to the same virtual network that is 
set up within the real computer and that is connectable to an external network (Bowman Fig. 36 
No. 3604, and Internet Dal-up). The rational for combining are the same as claim 5 above. 

As per claims 9, Bugnion, Derks, and Bowman teach all the subject matter as described above. 
In addition Bowman teaches apparatus, wherein the or at least one of the virtual firewalls is 
implemented by a virtual machine on the real computer, said virtual firewall virtual machine 
running firewall software (Bowman Col. 75 lines 63-col. 76 lines 37). The rational for 
combining are the same as claim 5 above. 
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As per claims 12, 30, 47, Bugnion, Derks, and Bowman teach all the subject matter as described 
above. In addition Bowman teaches apparatus or a method, comprising a detection device for 
detecting evidence of malicious software or hostile attack signatures on the at least one virtual 
storage subsystem (Bowman Col. 75 lines 63-col. 76 lines 37). The rational for combining are 
the same as claim 4 above. 

As per claims 14, 32, and 49, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus or a method, comprising virtual private 
network software to provide an encrypted communication channel for communication between at 
least some of said virtual machines (Bowman Col. 68 lines 7-18). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Bowman within the combination system of 
Bugnion and Derks because it would allow to prevent unauthorized access to the data during 
transmission (Bowman Col. 68 lines 7-18). 

As per claims 15, 33, and 50, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus or a method comprising virtual private 
network software to provide an encrypted communication channel for communication between at 
least one virtual machine and an external computer (Bowman Col. 68 lines 7-18, and col. 75 
lines 63-col. 76 lines 37). The rational for combining are the same as claim 14 above. 
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As per claims 16, 34, and 51, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition Bowman teaches apparatus, comprising virtual private network 
software to provide an encrypted communication channel for communication between a first 
virtual network and a second virtual network (Bowman Col. 68 lines 7-18, Fig. 36 No. 3602, No. 
3604VPH and col. 75 lines 63-col. 76 lines 37). The rational for combining are the same as claim 
14 above. 

As per claims 17, 35, and 52, Bugnion, Derks, and Bowman teach all the subject matter as 
described above. In addition teaches apparatus, comprising virtual private network software to 
provide an encrypted communication channel for communication between a virtual network and 
external computer (Bowman Col. 68 lines 7-18, and Fig. 36 No. 3602, No. 3604VPH, and 
Internet Dial-Up). The rational for combining are the same as claim 14 above. 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A Shiferaw whose telephone number is 571-272-3867. The 
examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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